How do I test for … weak passwords hashes

Posted on 2013/07/26 by Felix

So assuming for a moment you have a list of hashes (getting them is another topic altogether) there are a number of ways of testing how weak passwords hashes are.  Ultimately, the strength of a password is the amount of time it takes to crack it, so that’s what you need to do. 

There are a number of ways of getting passwords including:

  • Dictionary attacks
  • Rule based attacks
  • Brute forcing
  • Rainbow table attacks

Basically the first three of these can be done with HashCat and the Rainbow Table cracking can be done with Rcracki.

First, you need to make sure that your input file is just the hashes themselves one per line.

How to perform a HashCat?

Then to perform a HashCat crack you have a few further options.  First one is to choose to run the crack on your CPU or your GPU.  Basically, your GPU is designed to deal with graphics calculations which also happen to be perfect for dealing with password cracking.  As a result, your GPU is MUCH MUCH faster than your CPU. 

Not everyone has a fancy graphics card though so here are the three options:

HashCat cracker (CPU):
./hashcat-cli64.bin -m[hash ID] [input file] [dict file] –rules rules/d3ad0ne.rule

HashCat cracker (nVidia GPU):
./cudaHashcat-plus64.bin -m[hash ID] [input file] [dict file] –rules rules/d3ad0ne.rule

HashCat cracker (ATI GPU):
./oclHashcat-plus64.bin -m[hash ID] [input file] [dict file] –rules rules/d3ad0ne.rule

(Swap the 64 for a 32 if your on a 32 bit environment…)

To get the hash ID, run the first part of the command followed by “–help” and you will get a list of all the codes.

If your up for cracking more you can also change the ruleset, create your own dictionaries (start with the rockyou list) by scouring the companies website and coming up with keywords, making word lists using HashCat’s mask processor and load the passwords already cracked back into HashCat and re-running.

To perform a Rainbow Table crack you need the following command:

./rcracki_mt -l [input file] [rainbow table directory]/*

And if you are lucky enough to have a nVidia graphics card, add the “-g” flag for the experimental, you won’t find this one in the manual as it is only in beta, there are some suggestions that this is not multi-threaded and that the gains are minimal. 

To get the usual help message don’t give it any command-line arguments.  There are extra options that you should use, like -t to select how many threads you want to use (hint. the number should be the number of cores your machine has).

YGHT can help you secure your technologies

Learn how by contacting us

This entry was posted in How do I test for .... Bookmark the permalink.